import time
import uuid
import requests
import os
from datetime import datetime
import json
# Base URL of the ZAP JSON API that ActiveScan talks to (loopback, plain HTTP).
# NOTE(review): none of the requests in this file send a ZAP API key, so this
# presumably relies on a ZAP instance started with the key disabled — confirm,
# and keep the API listener bound to loopback if that is the case.
ZAP_BASE_URL = "http://127.0.0.1:8888"
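class ActiveScan():
    """Small client for running an OWASP ZAP active scan through ZAP's JSON API.

    Every request goes to the module-level ``ZAP_BASE_URL`` except
    ``scanResults``, which takes the base URL as an argument.
    """

    # Seconds to wait for ZAP to answer one API call. Without a timeout
    # ``requests`` blocks forever if the daemon hangs; override on the class
    # or instance when scanning targets that are slow to respond.
    REQUEST_TIMEOUT = 60

    def start_scan(self, target_url, recurse):
        """Seed ZAP's site tree with ``target_url`` and start an active scan.

        Args:
            target_url: URL to access and then scan.
            recurse: Sent as ``followRedirects`` to ``core/action/accessUrl``
                and as ``recurse`` to ``ascan/action/scan``.

        Returns:
            The value of the ``"scan"`` key in ZAP's reply (the scan id), or
            ``None`` when accessUrl does not answer 200 or the reply carries
            no ``"scan"`` key.

        Raises:
            requests.RequestException: on connection failure or timeout.
            ValueError: if ZAP's reply is not JSON.
        """
        access_endpoint = f"{ZAP_BASE_URL}/JSON/core/action/accessUrl"
        active_scan_endpoint = f"{ZAP_BASE_URL}/JSON/ascan/action/scan/"

        # The URL has to be in the site tree before it can be scanned.
        access_response = requests.get(
            access_endpoint,
            params={"url": target_url, "followRedirects": recurse},
            timeout=self.REQUEST_TIMEOUT,
        )
        if access_response.status_code != 200:
            return None

        # The scan action's own option is ``recurse``; ``followRedirects``
        # belongs to accessUrl, so the caller's choice is passed under the
        # name the scan action reads.
        response = requests.get(
            active_scan_endpoint,
            params={"url": target_url, "recurse": recurse},
            timeout=self.REQUEST_TIMEOUT,
        )
        response_data = response.json()
        if "scan" in response_data:
            return response_data["scan"]
        return None

    def checkStatus(self, scanId):
        """Return the progress of scan ``scanId`` as an integer.

        A reply without a ``"status"`` key (for example an error object) is
        reported as ``0``, so callers cannot tell it apart from a scan that
        has not progressed yet.

        Raises:
            requests.RequestException: on connection failure or timeout.
            ValueError: if the reply is not JSON or the status is not numeric.
        """
        endpoint = f"{ZAP_BASE_URL}/JSON/ascan/view/status/"
        response = requests.get(
            endpoint,
            params={"scanId": f"{scanId}"},
            timeout=self.REQUEST_TIMEOUT,
        )
        response_data = response.json()
        if "status" in response_data:
            return int(response_data["status"])
        return 0

    def scanResults(self, ZAP_BASE_URL, baseurl, status):
        """Fetch the alerts recorded for ``baseurl`` once the scan is complete.

        Args:
            ZAP_BASE_URL: Base URL of the ZAP API; this parameter shadows the
                module-level constant of the same name.
            baseurl: Passed to ``core/view/alerts`` as the ``baseurl`` filter.
            status: Scan progress; alerts are fetched only when it equals 100.

        Returns:
            The decoded JSON reply, or ``None`` when ``status`` is not 100.
        """
        if status != 100:
            return None
        endpoint = f"{ZAP_BASE_URL}/JSON/core/view/alerts/"
        response = requests.get(
            endpoint,
            params={"baseurl": baseurl},
            timeout=self.REQUEST_TIMEOUT,
        )
        return response.json()

    def save_results(self, results, tool_name):
        """Write ``results`` as JSON under ``./ZAP_Active_Scan_output``.

        The file name is ``<timestamp>_<uuid4 hex>.json``. ``tool_name`` is
        accepted for interface compatibility and is not used.

        Returns:
            The path of the written file, or a string starting with
            ``"Error"`` when saving fails. Callers have to check for that
            prefix, because failures are not raised.
        """
        ts = datetime.now().strftime("%Y%m%d%H%M%S")
        uid = uuid.uuid4().hex
        filename = f"{ts}_{uid}.json"
        # Bound before the try block so the handlers can always format it,
        # even when os.getcwd() itself fails (e.g. the working directory was
        # removed), which previously raised UnboundLocalError in the handler.
        output_dir = "ZAP_Active_Scan_output"
        try:
            output_dir = os.path.join(os.getcwd(), "ZAP_Active_Scan_output")
            os.makedirs(output_dir, exist_ok=True)
            filepath = os.path.join(output_dir, filename)
            # Scan findings describe weaknesses of the target, so the file is
            # created readable and writable by the owner only, and O_EXCL
            # refuses to write through a pre-existing file or symlink.
            fd = os.open(filepath, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
            with os.fdopen(fd, "w", encoding="utf-8") as file:
                json.dump(results, file, indent=4)
            return filepath
        except FileNotFoundError:
            return f"Error: Directory {output_dir} does not exist."
        except PermissionError:
            return f"Error: Permission denied to write to {output_dir}."
        except Exception as e:
            return f"Error saving results: {e}"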